Command-jacking used to launch malicious code on open-source platforms

Entry points have been observed being attacked across multiple open-source environments with an aim towards launching supply chain attacks.

In an Oct. 14 blog post, Checkmarx researchers explained that attackers can exploit entry points to launch malicious code across the following environments: PyPI (Python), npm (JavaScript), Ruby Gems, NuGet (.Net), Dart Pub, and Rust Crates.

One of the main attack methods includes command-jacking, which is what the researchers describe as impersonating popular third-party tools and system command and then targeting various stages of the development process via malicious plug-ins and extensions. The researchers said the entry-point attacks offer bad actors a more stealthy and persistent method of compromising system environments because it lets them bypass traditional security checks.

In ecosystems such as PyPI, npm, and Rust Crates, Jason Soroko, senior fellow at Sectigo, said such attacks are a powerful way to introduce malicious code into developer workflows and CI/CD pipelines, bypassing standard security controls.

Command-jacking defined

Soroko explained that command-jacking in software supply chain attacks often exploits the "path order," in which attackers manipulate how systems prioritize commands for execution. Operating systems and programming environments follow a specific order when searching for commands, executing the first match they find in the path, which lets attackers place malicious versions of commonly used commands earlier in the directory path, hijacking legitimate operations, Soroko said.

To defend against such attacks, Soroko said development teams must start by auditing the path order. Ensuring that trusted directories are prioritized reduces the chances of executing malicious commands. Locking down dependencies through strict versioning and careful dependency management can also help prevent rogue packages from being introduced into the environment. Additionally, Soroko said teams should enforce package signing to validate that only trusted and signed packages are executed. Finally, minimizing privileges ensures that commands and processes are run with the least amount of privilege necessary, reducing the damage a compromised environment could inflict.

Callie Guenther, cyber threat research senior manager at Critical Start, added that when developers install these malicious packages — sometimes distributed as “.whl” files — the fake commands hijack legitimate ones.

“Once executed, these malicious commands can harvest sensitive information, such as API keys, credentials, or cloud configurations, potentially opening the door to espionage or unauthorized access to critical infrastructure,” said Guenther, an SC Media columnist.